package com.lizhe.springboot_jsp_shiro.controller;

import com.lizhe.springboot_jsp_shiro.eneity.User;
import com.lizhe.springboot_jsp_shiro.service.UserService;
import com.lizhe.springboot_jsp_shiro.utils.VerifyCodeUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * 类描述:
 *
 * @author Lz on 2022-05-19
 */
@Controller
@RequestMapping("/user")
public class UserController {

    @Autowired
    private UserService userService;

    // 登陆认证
    @RequestMapping("login")
    public String login(String username, String password,String code,HttpSession session) {

        //比较验证码
        String codes = (String) session.getAttribute("code");

        try {
            if(codes.equalsIgnoreCase(code)){
                // 获取主题对象 验证
                Subject subject = SecurityUtils.getSubject();
                subject.login(new UsernamePasswordToken(username, password));

                //boolean authenticated = subject.isAuthenticated();
                //System.out.println("认证状态：" + authenticated);


                return "redirect:/index.jsp";
            }else {
                throw new RuntimeException("验证码错误！");
            }

        } catch (UnknownAccountException e) {
            e.printStackTrace();
            System.out.println("用户名错误");
        } catch (IncorrectCredentialsException e) {
            e.printStackTrace();
            System.out.println("密码错误");
        } catch (Exception e) {
            e.printStackTrace();
            System.out.println(e.getMessage());
        }
        return "redirect:/login.jsp";
    }

    // 退出
    @RequestMapping("logout")
    public String logout() {
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return "redirect:/login.jsp";
    }

    // register
    @RequestMapping("register")
    public String register(User user) {
        try {
            userService.register(user);
            return "redirect:/login/jsp";
        } catch (Exception e) {
            e.printStackTrace();
            return "redirect:/register.jsp";
        }
    }

    @RequestMapping("getImage")
    public void getImage(HttpSession session, HttpServletResponse response) throws IOException {
        //生成验证码
        String code = VerifyCodeUtils.generateVerifyCode(4);
        //验证码放入session
        session.setAttribute("code",code);
        //验证码存入图片
        ServletOutputStream os = response.getOutputStream();
        response.setContentType("image/png");
        VerifyCodeUtils.outputImage(220,60,os,code);
    }


    // @RequestMapping("save")
    // public String sava() {
    //     System.out.println("进入方法");
    //
    //     // 获取主体对象
    //     Subject subject = SecurityUtils.getSubject();
    //     if (subject.hasRole("admin")) {
    //         System.out.println("保存订单");
    //     } else {
    //         System.out.println("无权访问!");
    //     }
    //     //基于权限字符串
    //     //....
    //     return "redirect:/index.jsp";
    // }
}
